Risk
4/8/2008
06:01 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

RSA: Chertoff Likens U.S. Cyber Security To 'Manhattan Project'

The Homeland Security secretary calls for beefing up the cyberdefenses of federal agencies and making sure all of them can respond to threats around the clock.

In a keynote address at the RSA Conference in San Francisco, Homeland Security Secretary Michael Chertoff warned that the damage caused by a large-scale cyberattack might result in consequences comparable to the Sept. 11, 2001, attack on the World Trade Center buildings in New York.

"We have to look not only at threats that have materialized in the past," said Chertoff. "We have to consider the threats that may materialize in the future. ... We know that a successful large-scale cyberattack against our country would have very wide-reaching consequences."

Through the Internet, terrorists and criminals can do the kind of damage they could never do on their own, Chertoff said. As an example, he cited the massive denial-of-service attack launched against Estonian government computers last year.

"This attack went beyond simple mischief, it represented an actual threat to the ability of the Estonian government to govern the country," said Chertoff.

"Imagine what would happen if it were possible for hackers to enter the air travel system," he said.

Chertoff characterized cybersecurity as a very serious challenge, one that is likely to grow more serious over time. A network response, he said, is necessary to deal with network attacks.

"It takes a network to beat a network," said Chertoff.

Though US-CERT, the U.S. Computer Emergency Readiness Team, which provides information necessary to defend the nation's networks, Chertoff hopes to bring additional resources to bear to defend the country's computers.

Chertoff likened the government's attempt to improve its cybersecurity to the intensive effort of the Manhattan Project that brought the atomic bomb to fruition. In January, President Bush signed an order that gave DHS and the National Security Agency greater power to oversee government computer security. Details about what the agencies are doing remain classified.

Presently, Chertoff said it's not possible to monitor access to federal networks in real time, not all federal agencies have 24/7 network monitoring capabilities, and US-CERT's Einstein system is too backward looking in that it identifies threats that have already had an impact.

Chertoff said the government simply doesn't respond fast enough across the board. "The time delay is time that we cannot afford to lose in a world where attacks come literally in microseconds and from all corners of the globe," he said.

In keeping with the President's National Strategy to Secure Cyberspace, Chertoff aims to reduce the number of network access points into federal agencies from about 1,000 presently to about 50. He called for beefing up the cyberdefenses of federal agencies and making sure that all of them can respond to threats around the clock.

"The best way to deal with an attack is to prevent it before it happens rather than after it has occurred," Chertoff said.

Chertoff also emphasized the need for the federal government to engage with the private sector, given that so much of the nation's critical infrastructure is secured by private organizations.

And at some point when the government's network security systems are more responsive, Chertoff said he expected that the government would share some network security data to help the private sector keep its systems secure.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0543
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2015-0544
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

CVE-2015-2721
Published: 2015-07-05
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attacke...

CVE-2015-2722
Published: 2015-07-05
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

CVE-2015-2724
Published: 2015-07-05
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code v...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report